Apparently, though unproven, at 04:54 on Wednesday 08 December 2010, Mark David Dumlao did opine thusly:
> Hi. > I'm usually slow at updating my gentoo machine, and I think I was > behind by about a month from last update. Anyways, I noticed that the > recent pambase-20101024 has pam_permit optional on for auth, account > and password in /etc/pam.d/system-auth. > > That didn't sound real neat, so Iooked it up in the manual and it says > "very dangerous, use with extreme caution." > > Following their advice, I look up pam_permit and try to understand why > anyone would put it on by default, but the google hits I get on > pam_permit are very terse. > > What does pam_permit do when set to optional for auth, account, > password and session? Clearly I don't want my pam to start letting in > everybody, but I doubt the gentoo team would either, so maybe I'm just > misunderstanding. > > In the meantime I didn't allow it in. The pam maintainer usually blogs about his changes: http://blog.flameeyes.eu -- alan dot mckinnon at gmail dot com
